Which two actions permit the system-log service to receive messages from a remote Solaris host?

Which two actions permit the system-log service to receive messages from a remote Solaris host?

Which two actions permit the system-log service to receive messages from a remote Solaris host?

A.
setting the property config/log_from_remote to true and restarting the service

B.
setting the property config/log_from_remote to *.noticoand restart the service

C.
configuring a selector for remote messages in the /etc/syslog.conf file

D.
ensuring that port 514 is open to remote traffic and doesn’t require a password

Explanation:
A: To restart remote logging:
svccfg -s system-log setprop config/log_from_remote=true

svcadm restart system-log
D: You can run ‘snoop’ on the interface to see if you see syslog packets leaving the server
snoop udp port 514

Show Hint

Leave a Reply 3

Your email address will not be published. Required fields are marked *

picoman

picoman

A,C

The following commands enable syslogd to accept entries from
remote systems.

# svccfg -s svc:/system/system-log setprop config/log_from_remote = true
# svcadm restart svc:/system/system-log

Reply

dupek

dupek

A, C
D is tricky one. If you do not open 514/udp system-log are still able to receive logs from remote host, but clients can not connect because ipfilter 🙂

Reply

riverPlate

riverPlate

A and D are correct
When syslogd is started by means of svcadm(1M), if a value is specified for LOG_FROM_REMOTE in the /etc/defaults/syslogd file, the SMF property svc:/system/system-log/config/log_from_remote is set to correspond to the LOG_FROM_REMOTE value and the /etc/default/syslogd file is modified to replace the LOG_FROM_REMOTE specification with the following comment:

# LOG_FROM_REMOTE is now set using svccfg(1m), see syslogd(1m).

If neither LOG_FROM_REMOTE nor svc:/system/system-log/config/log_from_remote are defined, the default is to log remote messages.

Reply